Image
August 23, 2024

Major Data Breaches & Hacking News in August 2024

August 27, 2024
Cybercriminals don’t take summer vacation. Even as the season ends and many people are back in school or work, identity thieves are still orchestrating major data breaches. Recently, companies such as National Public Data, Trello, HealthEquity, Financial Business and Consumer Solutions, Mobile Guardian, ADT, and Gemini have all faced significant security incidents compromising user data and corporate information. Read on to get the details about each incident:
Image
National Public Data/Jerico Pictures Inc.

Organization Description: Jerico Pictures Inc., doing business as National Public Data, is a widely used background check company and public records data provider.

Breach Size: 3 billion

Data Exposed: In one of the most significant cybersecurity incidents in recent history, a massive data breach affecting 3 billion records in the U.S., UK, and Canada occurred earlier this year at National Public Data. A hacking group known as USDoD claimed to have stolen people’s names, address histories, and Social Security numbers. In April, the data was posted for sale on the dark web for $3.5 million, but in August, a hacker leaked the information for free, making billions vulnerable to identity theft attempts. National Public Data is investigating the incident and implemented additional security measures to prevent similar incidents in the future.

Icon
Trello 

Organization Description: Trello is an online project management tool owned by Atlassian.

Breach Size: 15 million

Data Exposed: The significant data breach at Trello came to light in January, when it was discovered that a cybercriminal known as “emo” was selling the profiles of over 15 million members on an online hacking forum. The compromised data included names, email addresses, and profile information. This summer, the hacker shared the entire list of profiles on the Breached hacking forum for eight site credits (worth $2.32). Trello is investigating the breach and advising users on how to best protect their accounts.

Icon
HealthEquity

Organization Description: HealthEquity is a popular health savings account (HSA) provider.

Breach Size: 4.3 million

Data Exposed: At the end of June, HealthEquity disclosed they had a data breach impacting 4.3 million members due to a compromised third-party vendor account. The data exposed included sign-up information such as names, employee IDs, phone numbers, addresses, employers, Social Security numbers, dependent information, and limited payment card details, putting users at risk for personalized phishing attempts (also known as spear phishing) and identity fraud. HealthEquity is investigating the breach and claims it was an isolated incident.

Image
Financial Business and Consumer Solutions

Organization Description: Financial Business and Consumer Solutions (FBCS) is a U.S. debt collection agency.

Breach Size: 4.2 million

Data Exposed: FBCS has once again increased the number of people impacted by a data breach that occurred in mid-February, which is currently under investigation. It revealed people’s names, Social Security numbers, dates of birth, account information, and driver’s license numbers or ID cards. In April, the firm reported that 1.9 million people in the U.S. had sensitive information compromised but have since revised that number to 4.2 million people. FBCS is working with computer forensics specialists to investigate the breach.

Icon
Mobile Guardian

Organization Description: Mobile Guardian is a device management application tool for K-12 schools.

Breach Size: 13,000

Data Exposed: Students in North America, Europe, and Singapore were impacted by a data breach at Mobile Guardian this month. The company announced that a hacker gained unauthorized access to the platform and remotely wiped data from at least 13,000 students’ iPads and Chromebooks. Mobile Guardian is working with cybersecurity experts to strengthen security measures and prevent future incidents.

Icon
ADT

Organization Description: ADT is a leading provider of security systems for residential and corporate customers.

Breach Size: 30,000

Data Exposed: This month, ADT warned its customers of a data breach in which threat actors leaked customer information, including email addresses, complete addresses, user IDS, and products purchased on a popular hacking forum. While the security company reported that no banking information was compromised, the breach still puts victims at risk of targeted phishing attempts. ADT is investigating the incident and has notified affected customers.

Icon
Gemini

Organization Description: Gemini is a cryptocurrency exchange that allows users to buy, sell, and store cryptocurrency.

Breach Size: 15,000

Data Exposed: At the beginning of June, Gemini suffered a third-party data breach from its ACH provider that exposed the banking information of 15,000 users. The compromised data includes names, bank account numbers, and routing numbers. Gemini has contained the breach and is investigating it alongside cyber forensics experts. This follows a 2022 data breach in which information was stolen from 5.7 million Gemini users. The events resulted in a lawsuit between Gemini and IRA Financial Trust and raised concerns about security in the cryptocurrency space. As part of a settlement, Gemini will pay a $37 million fine and return at least $1.1 billion to customers of its lending program.

Hacking & Phishing News
Spear Phishing

Many people are becoming increasingly vigilant about phishing attempts — a type of social engineering attack which involves sending fraudulent emails or messages through social media, with attackers pretending to represent a trusted source. But recently there has been a rise in a more targeted strategy known as spear phishing. In this case, personal research has been done to target a specific individual or small group of people. Increased vigilance is essential when receiving unsolicited requests for sensitive personal information like usernames and passwords.

Brute-force Attacks

Some hackers attempt to crack passwords using automated computer programs. Brute-force software repeatedly attempts every possible password, sometimes checking up to a billion passwords each second. Among the best tactics to prevent this method of password cracking are creating long passwords, changing them regularly, and utilizing multi-factor authentication.

Learn More

IDSeal will continuously search the dark web and alert you when your information is found. If your identity is stolen, we provide white-glove service to help restore your identity with up to $1 million in coverage for eligible losses and fees due to identity theft.2

Implementing personal security practices such as using strong, unique passwords, enabling multi-factor authentication, monitoring financial statements, and being aware of phishing or smishing scams can significantly reduce identity theft risk.

Related Articles
Featured image for “Major Data Breaches & Hacking News in June 2024”

Major Data Breaches & Hacking News in June 2024

June 27, 2024While many people across North America were celebrating the end of school, Father’s Day and the beginning of summer this June, identity thieves were celebrating major wins in data breaches. Companies such as Live Nation, Christie’s, Truist Bank, KeyTronic, Panera Bread, and Frontier have all faced significant security…
Featured image for “IDSeal® allows you to independently manage your identity”

IDSeal® allows you to independently manage your identity

As we celebrate Independence Day this month, it’s a perfect time to reflect on the true essence of independence. Just as our nation values freedom and self-governance, it’s equally important to adopt a mindset of personal responsibility in our everyday lives. One critical area where this mindset is essential is…

Start protecting your identity today! Signing up is quick & easy

Remember, 1-in-4 Americans are the victim of identity theft. It's not a matter

of if you'll become a victim, it's when...

Get Protected